Cookie “io” has been rejected because it is in a cross-site context and its “SameSite” is “Lax” or “Strict”

[online0227]

I am trying to send cookie to api server from only specific domain I set, where react client exists.

I get errors like (on firefox since chrome doesn't show an error while not working correctly as well):

Cookie “io” has been rejected because it is in a cross-site context and its “SameSite” is “Lax” or “Strict”.

If I test them on localhost with just different ports (e.g. http://localhost:4001 and http://localhost:4002), they works fine because both client and server resides in localhost. The error above only shows when separating them to different domains (e.g. http://app1.localhost and http://app2.localhost).

In client, I connect api server like:

import io from "socket.io-client";
...
const socket = io.connect(config.server_address, { forceNew: true });
...

In server, I receive this:

import socketIO from 'socket.io';
...
this.io = socketIO(server);
...

I tried everything written in https://socket.io/docs/v3/handling-cors/ but none of them works.

Following is my socket.io versions:

"socket.io": "^2.3.0",
"socket.io-stream": "^0.9.1",
"socket.io-client": "^2.3.0"

Following is what I get the value of "socket.handshake.headers" when cookie is received by testing them in same domain. Here you can see that cookie is attached:

Client connected :  {
  host: 'localhost:4002',
  'user-agent': 'Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:84.0) Gecko/20100101 Firefox/84.0',
  accept: '*/*',
  'accept-language': 'en-CA,en-US;q=0.7,en;q=0.3',
  'accept-encoding': 'gzip, deflate',
  origin: 'http://localhost:4001',
  connection: 'keep-alive',
  referer: 'http://localhost:4001/',
  cookie: 'io=AKjFjtpzw4JxFsKTAAAB; Token=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1aWQiOjM3LCJpYXQiOjE2MTIxMDQxMzksImV4cCI6MTYxMjE5MDUzOX0.fNvVc7oytOJumadAlPl3S3DHLHPAkWpRfGX932X-o0A

Following is what I get the value of "socket.handshake.headers" when cookie is NOT received by testing them in different domain (which is issue I have right now). Here you can see that cookie is NOT attached:

Client connected :  {
  'x-real-ip': '127.0.0.1',
  'x-forwarded-for': '127.0.0.1',
  host: 'app5.localhost',
  'x-nginx-proxy': 'false',
  connection: 'upgrade',
  'user-agent': 'Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:84.0) Gecko/20100101 Firefox/84.0',
  accept: '*/*',
  'accept-language': 'en-CA,en-US;q=0.7,en;q=0.3',
  'accept-encoding': 'gzip, deflate',
  origin: 'http://app1.localhost',
  referer: 'http://app1.localhost/'
}

How can I send cookie via different domain using Socket.IO?